diff options
Diffstat (limited to 'web/web.go')
-rw-r--r-- | web/web.go | 32 |
1 files changed, 0 insertions, 32 deletions
diff --git a/web/web.go b/web/web.go index 7a2d424aa..1d59ef946 100644 --- a/web/web.go +++ b/web/web.go @@ -140,9 +140,6 @@ func root(c *api.Context, w http.ResponseWriter, r *http.Request) { return } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - if len(c.Session.UserId) == 0 { page := NewHtmlTemplatePage("signup_team", "Signup") page.Render(c, w) @@ -159,9 +156,6 @@ func signup(c *api.Context, w http.ResponseWriter, r *http.Request) { return } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("signup_team", "Signup") page.Render(c, w) } @@ -183,9 +177,6 @@ func login(c *api.Context, w http.ResponseWriter, r *http.Request) { team = tResult.Data.(*model.Team) } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - // If we are already logged into this team then go to home if len(c.Session.UserId) != 0 && c.Session.TeamId == team.Id { page := NewHtmlTemplatePage("home", "Home") @@ -204,9 +195,6 @@ func login(c *api.Context, w http.ResponseWriter, r *http.Request) { func signupTeamConfirm(c *api.Context, w http.ResponseWriter, r *http.Request) { email := r.FormValue("email") - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("signup_team_confirm", "Signup Email Sent") page.Props["Email"] = email page.Render(c, w) @@ -229,9 +217,6 @@ func signupTeamComplete(c *api.Context, w http.ResponseWriter, r *http.Request) return } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("signup_team_complete", "Complete Team Sign Up") page.Props["Email"] = props["email"] page.Props["DisplayName"] = props["display_name"] @@ -283,9 +268,6 @@ func signupUserComplete(c *api.Context, w http.ResponseWriter, r *http.Request) } } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("signup_user_complete", "Complete User Sign Up") page.Props["Email"] = props["email"] page.Props["TeamDisplayName"] = props["display_name"] @@ -358,9 +340,6 @@ func getChannel(c *api.Context, w http.ResponseWriter, r *http.Request) { team = tResult.Data.(*model.Team) } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("channel", "") page.Title = name + " - " + team.DisplayName + " " + page.SiteName page.Props["TeamDisplayName"] = team.DisplayName @@ -416,17 +395,12 @@ func verifyEmail(c *api.Context, w http.ResponseWriter, r *http.Request) { isVerified = "false" } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("verify", "Email Verified") page.Props["IsVerified"] = isVerified page.Render(c, w) } func findTeam(c *api.Context, w http.ResponseWriter, r *http.Request) { - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") page := NewHtmlTemplatePage("find_team", "Find Team") page.Render(c, w) } @@ -468,9 +442,6 @@ func resetPassword(c *api.Context, w http.ResponseWriter, r *http.Request) { teamDisplayName = team.DisplayName } - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("password_reset", "") page.Title = "Reset Password - " + page.SiteName page.Props["TeamDisplayName"] = teamDisplayName @@ -580,9 +551,6 @@ func signupCompleteOAuth(c *api.Context, w http.ResponseWriter, r *http.Request) user.TeamId = team.Id - w.Header().Set("X-FRAME-OPTIONS", "DENY") - w.Header().Set("Content-Security-Policy", "frame-ancestors none") - page := NewHtmlTemplatePage("signup_user_oauth", "Complete User Sign Up") page.Props["User"] = user.ToJson() page.Props["TeamName"] = team.Name |